Catch HTTPExceptions in App::runFrontend()

[friendica.git] / mod / tagger.php

diff --git a/mod/tagger.php b/mod/tagger.php
index 0df31ac9a325d20cdeac2093bb4ff769c77917bc..78133a9e1823a30498262e811269eee948c910e0 100644 (file)
--- a/mod/tagger.php
+++ b/mod/tagger.php
@@ -5,13 +5,13 @@
 use Friendica\App;
 use Friendica\Core\Addon;
 use Friendica\Core\L10n;
+use Friendica\Core\Logger;
 use Friendica\Core\System;
 use Friendica\Core\Worker;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
 use Friendica\Model\Item;
-
-require_once 'include/security.php';
-require_once 'include/items.php';
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
 
 function tagger_content(App $a) {
 
@@ -19,7 +19,7 @@ function tagger_content(App $a) {
                return;
        }
 
-       $term = notags(trim($_GET['term']));
+       $term = Strings::escapeTags(trim($_GET['term']));
        // no commas allowed
        $term = str_replace([',',' '],['','_'],$term);
 
@@ -27,15 +27,15 @@ function tagger_content(App $a) {
                return;
        }
 
-       $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
+       $item_id = (($a->argc > 1) ? Strings::escapeTags(trim($a->argv[1])) : 0);
 
-       logger('tagger: tag ' . $term . ' item ' . $item_id);
+       Logger::log('tagger: tag ' . $term . ' item ' . $item_id);
 
 
        $item = Item::selectFirst([], ['id' => $item_id]);
 
-       if (!$item_id || !DBM::is_result($item)) {
-               logger('tagger: no item ' . $item_id);
+       if (!$item_id || !DBA::isResult($item)) {
+               Logger::log('tagger: no item ' . $item_id);
                return;
        }
 
@@ -46,7 +46,7 @@ function tagger_content(App $a) {
        $r = q("select `nickname`,`blocktags` from user where uid = %d limit 1",
                intval($owner_uid)
        );
-       if (DBM::is_result($r)) {
+       if (DBA::isResult($r)) {
                $owner_nick = $r[0]['nickname'];
                $blocktags = $r[0]['blocktags'];
        }
@@ -58,15 +58,15 @@ function tagger_content(App $a) {
        $r = q("select * from contact where self = 1 and uid = %d limit 1",
                intval(local_user())
        );
-       if (DBM::is_result($r)) {
+       if (DBA::isResult($r)) {
                        $contact = $r[0];
        } else {
-               logger('tagger: no contact_id');
+               Logger::log('tagger: no contact_id');
                return;
        }
 
        $uri = Item::newURI($owner_uid);
-       $xterm = xmlify($term);
+       $xterm = XML::escape($term);
        $post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
        $targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
 
@@ -76,9 +76,9 @@ function tagger_content(App $a) {
                $href = System::baseUrl() . '/display/' . $item['guid'];
        }
 
-       $link = xmlify('<link rel="alternate" type="text/html" href="'. $href . '" />' . "\n") ;
+       $link = XML::escape('<link rel="alternate" type="text/html" href="'. $href . '" />' . "\n");
 
-       $body = xmlify($item['body']);
+       $body = XML::escape($item['body']);
 
        $target = <<< EOT
        <target>
@@ -91,7 +91,7 @@ function tagger_content(App $a) {
        </target>
 EOT;
 
-       $tagid = System::baseUrl() . '/search?tag=' . $term;
+       $tagid = System::baseUrl() . '/search?tag=' . $xterm;
        $objtype = ACTIVITY_OBJ_TAGTERM;
 
        $obj = <<< EOT
@@ -111,15 +111,14 @@ EOT;
                return;
        }
 
-       $termlink = html_entity_decode('&#x2317;') . '[url=' . System::baseUrl() . '/search?tag=' . urlencode($term) . ']'. $term . '[/url]';
+       $termlink = html_entity_decode('&#x2317;') . '[url=' . System::baseUrl() . '/search?tag=' . $term . ']'. $term . '[/url]';
 
        $arr = [];
 
-       $arr['guid'] = System::createGUID(32);
+       $arr['guid'] = System::createUUID();
        $arr['uri'] = $uri;
        $arr['uid'] = $owner_uid;
        $arr['contact-id'] = $contact['id'];
-       $arr['type'] = 'activity';
        $arr['wall'] = $item['wall'];
        $arr['gravity'] = GRAVITY_COMMENT;
        $arr['parent'] = $item['id'];
@@ -160,7 +159,7 @@ EOT;
 
        $t = q("SELECT count(tid) as tcount FROM term WHERE oid=%d AND term='%s'",
                intval($item['id']),
-               dbesc($term)
+               DBA::escape($term)
        );
 
        if (!$blocktags && $t[0]['tcount'] == 0) {
@@ -168,30 +167,30 @@ EOT;
                   intval($item['id']),
                   $term_objtype,
                   TERM_HASHTAG,
-                  dbesc($term),
-                  dbesc(System::baseUrl() . '/search?tag=' . $term),
+                  DBA::escape($term),
+                  '',
                   intval($owner_uid)
                );
        }
 
        // if the original post is on this site, update it.
        $original_item = Item::selectFirst(['tag', 'id', 'uid'], ['origin' => true, 'uri' => $item['uri']]);
-       if (DBM::is_result($original_item)) {
+       if (DBA::isResult($original_item)) {
                $x = q("SELECT `blocktags` FROM `user` WHERE `uid`=%d LIMIT 1",
                        intval($original_item['uid'])
                );
                $t = q("SELECT COUNT(`tid`) AS `tcount` FROM `term` WHERE `oid`=%d AND `term`='%s'",
                        intval($original_item['id']),
-                       dbesc($term)
+                       DBA::escape($term)
                );
 
-               if (DBM::is_result($x) && !$x[0]['blocktags'] && $t[0]['tcount'] == 0){
+               if (DBA::isResult($x) && !$x[0]['blocktags'] && $t[0]['tcount'] == 0){
                        q("INSERT INTO term (`oid`, `otype`, `type`, `term`, `url`, `uid`) VALUE (%d, %d, %d, '%s', '%s', %d)",
                                intval($original_item['id']),
                                $term_objtype,
                                TERM_HASHTAG,
-                               dbesc($term),
-                               dbesc(System::baseUrl() . '/search?tag=' . $term),
+                               DBA::escape($term),
+                               '',
                                intval($owner_uid)
                        );
                }